Note: This article was originally published in The Technology Source (http://ts.mivu.org/) as: Gary M. Gatien "Trust, Privacy, and the Digital University" The Technology Source, May/June 2000. Available online at http://ts.mivu.org/default.asp?show=article&id=1034. The article is reprinted here with permission of the publisher.

"Organizations today have to be based on trust.
How many people can you know well enough to trust? Probably 50 at most."

Broadly speaking, the words "digital university" refer to the successful
migration of many key activities from paper-based methods to digital methods. A successful
migration means not only that universities will be able to improve the means by which they
do things now, but also that they and their constituencies will have opportunities to do
things that they could not do before.

While this migration includes the assimilation of e-commerce (the buying and selling of
products and services electronically) into our institutions, it also includes many other
"e-activities." We are migrating to a digital world that comprises, for example:

As we migrate, we fundamentally change the way we fulfill our mission. In the future, our
constituents will have quick, electronic, and often interactive access to a variety of
institutional data and information. Trust will often be based on electronic interactions
rather than face-to-face meetings or personal relationships. If we are successful, our
institutions will continue to enjoy the trust of our many constituents while remaining
competitive in an increasingly global and multi-faceted higher education environment.

The Importance of Trust

In todays evolving digital universities, the key to success is "trust."
Trust is fundamental for many reasons. First, the rapid pace of technology innovation
can mean that technological change often takes place before we understand its potential
implications. For example, what impact, if any, do the hundreds of commercially-sponsored
campus Web sites and "smart cards" (Van Der Werf, 1999) have on our
responsibilities under the Family Educational Rights and Privacy Act of 1974 (NCES, 1998; CAUSE, 1997)? Howand how
wellare we protecting faculty and institutional intellectual properties, including
course notes, syllabi, and research on Web sites? From an institutional perspective, how
can we best address intellectual property ownership and royalty issues and manage
potential conflicts of interest? Consider the following:

There is no model for migration that we can follow. In the area of distance
education alone, some higher education institutions have entered into a variety of
partnerships with for-profit companies, some have joined non-profit educational consortia,
some have done both of these and are also delivering courses directly to students, and
others have formed for-profit subsidiaries. Faculty are breaking new ground outside of
their institutions (Marcus, 1999). Furthermore, the unique circumstances at each of our
institutionsincluding our different missions, strengths and weaknesses, funding
levels, cultures, concerns, constituencies, tolerances for risk, infrastructures, and
approaches to outsourcingmay preclude the development of a single model that will
work for all of us.

There is no coherent set of laws, regulations, and policies on the handling of
digital data and information, nor rules for enforcement, that have withstood (or
not been amended by) diverse challenges over time. In
fact, these rules are just now being developed at the state, national, and international
levels among governments, interest and advocacy groups, and trade organizations.

We are facing issues that we have never had to face before. For example,
customer "profiling" (Dembeck, 1999) and
"targeted marketing" (Tedeschi, 1999)
were virtually impossible, or at least much less sophisticated, prior to the digital
revolution. Today, a persons offline and online buying habits can be merged. Private
data can be obtained easily (Penenberg, 1999). A vendor can interrupt
students working at their computers through dinner by sending them a pop-up window
offering to sell them pizza (Woody, 1999).

When things go wrong online, it is the credibility of institutions that's at stake,
not just the reputations of registrars, accounts offices, schools or colleges, or
individual units. In industry parlance, its our "brand name" that is at
risk.

Finally, trust is key because a successful migration to a digital university
requires that we build new, "electronic relationships." In some
cases, we will want to build communities through viable, long-term relationships with
people that we have not met face-to-face. We will need partnerships with all of our
constituencies to share risk and reward so that we may all take advantage of the
opportunities that technology offers.

The Charles Handy quotation that opens this article helps to put into perspective the
scope and complexity of the migration that we face. Thats because we need to build
trust not simply among 50 people, but rather among hundreds, even thousands, of people: a
highly diverse, global audience that includes faculty, students, and staff as well as
parents, alumni, donors, sponsors, vendors, partners, collaborators, governments, and
educational institutions.

Two recent surveys of e-commercean area in which traditional institutions of
higher education lag way behind businesses, government, commercial education providers,
and society in generalhighlight the importance of trust. Jupiter
Communications found that
64% of survey respondents do not trust a Web site to offer privacy even if there is a
privacy policy posted on the site. Jupiter also projected that privacy issues could put an
$18 billion dent in the $40 billion e-commerce revenue the communications firm predicts
will accumulate by 2002. According to Michael Slack, a Jupiter analyst, "Its
not just about having legislation or privacy policy postings. There is a general
nervousness about giving personal and credit card information on the Net"
("Industry Privacy Failures," 1999).

Similarly, NFO Interactive found consumer concern about the safekeeping of online
personal information to be the main reason people chose not to shop online. Consumers said
that what would most entice them to shop at a Web site was "trust that the site would
keep personal information private" ("Industry Privacy Failures," 1999). Another
survey suggests that to address trust successfully, we need to explore this issue with our
constituents in more detail than we have done so far (Cranor, et al,
1993). Business-to-business
(B2B) e-commerce is also struggling to ensure trust and minimize litigation (Hicks, 1999).
Its no wonder that privacy is reportedly becoming the new "e-industry;"
some experts anticipate that security lawsuits will replace Y2K litigation over the next
few years (Mosquera, 1999).

Selected Actions To Help Ensure a Successful Migration

While each of our institutions will have to develop and refine these actions
according to individual circumstances, below are some suggestions for the mission,
guidelines, and action steps of a migrating institution.

Mission: To build an integrated, proactive, extended enterprise of education,
knowledge discovery, co-invention, and community outreach.

Guidelines: First, ensure that needs, desires, policies, and concerns drive
technology selections, not the other way around. Second, within institutions, work
cooperatively across functional areas (e.g., administrative, academic, research, etc.).
Third, work collaboratively with peer institutions. Fourth and finally, provide Web-based,
constituency access via an interface that is easy to use, easy for users to customize,
consistent in its functions, robust in terms of the data and information it provides,
secure, and ADA compliant.

Selected Actions:The National Center for Education Statistics recommends
that higher-education executives raise the visibility of electronic privacy and security
issues and appoint a campus leader for institution-wide privacy and security policy (NCES,
1998). Others recommend improved privacy and security education across campuses. For
example, a 1998 FBI/Computer Security Institute survey found that the average loss for
security breaches ranged from $2.8 million for "unauthorized insider access" to
just $86,000 for "system penetration by an outsider" (Zimits & Montano,
1998).

Not all data and information require the same levels and kinds of protection. Moreover,
resources are not infinite. Consensus-building among constituencies is one way to help
determine priorities.

Conclusion

Higher education institutions are becoming digital universities. To migrate successfully,
we need to address proactively the role and importance of an "old-fashioned" value,
namely trust, in the digital world. We must proceed with a clear mission and guidelines and
take concrete actions based on collaborations with our constituencies. We will likely face
some common technical, policy, privacy, security, and legal issues. However, we will likely
find as well that a successful migration requires unique approaches and solutions.

Van Der Werf, M. (1999, September 3). A vice president from the business world brings a new bottom line to Penn.
Chronicle of Higher Education, pp. A72-75.

Woody, T. (1999, August 6). Back to school in the Internet economy. The Industry Standard.
Retrieved 6 August 1999 from the World Wide Web: http://www.thestandard.net/articles/display/0,1449,5812,00.html.